Home page logo
/

nmap-dev logo Nmap Development mailing list archives

autonomous system numbers NSE script
From: "Michael Pattrick" <mpattrick () rhinovirus org>
Date: Tue, 17 Jun 2008 20:40:42 -0400

Hey everyone,

I wrote this script to find autonomous system numbers using the method
described here [1].

But there are two problems:
 - A query will return the same ASN if its in the same BGP netblock.
My script also discovers the BGP netblock, is there any way to cache
results in this case - ie check if the IP fits into a netblock that
we've already scanned?
 - The website states that the the best way is the DNS method, and
hosts making too many whois queries will be blocked, is there a way to
forge DNS query packets in NSE or would there need to be some kind of
DNS API? I tried making the raw packet in a lua script and ssending it
out but wireshark claimed that the packet was malformed :(

I sent a copy to some of the NSE devs to see if they could figure out
a better way, so now im sending it to the list.

Here is an example of the output:
$ ./nmap --script ASQuery.nse -p80 rhinovirus.org

Starting Nmap 4.65 ( http://nmap.org ) at 2008-06-17 20:39 EDT
Interesting ports on ip-68-178-252-14.ip.secureserver.net (68.178.252.14):
PORT   STATE SERVICE
80/tcp open  http

Host script results:
|_ Autonomous Numbers: BGP Prefix: 68.178.252.0/22 AS number: 26496
Country Code: US


Cheers,
Michael

[1] http://www.team-cymru.org/Services/ip-to-asn.html

Attachment: ASQuery.nse
Description:


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]